[12139] in North American Network Operators' Group
Re: smurf's attack...
daemon@ATHENA.MIT.EDU (Jordyn A. Buchanan)
Fri Sep 5 17:12:51 1997
In-Reply-To: <F8F9425FD8@ccstaff.cc.ukans.edu>
Date: Fri, 5 Sep 1997 16:55:48 -0400
To: d-nordlund@ukans.edu, nanog@merit.edu
From: "Jordyn A. Buchanan" <jordyn@bestweb.net>
At 3:41 PM +0000 9/5/97, DAVE NORDLUND wrote:
>> Likewise, not all broadcast adresses necessarily end with .255,
>> so filtering .255 won't help anyway in the presence of something
>> like a /25 with a X.X.X.127 broadcast.
>
>Agreed but it is not easy for a hacker to determine CIDR masks. It
>is my impression that the only thing being sent is classfull broadcasts.
Further, smaller networks (which, theoretically speaking at least, have
fewer hosts) would be less useful in a smurf attack than larger ones, as
there would be less of a multiplying effect.
Jordyn
|----------------------------------------------------------------|
|Jordyn A. Buchanan mailto:jordyn@bestweb.net |
|Bestweb Corporation http://www.bestweb.net |
|Senior System Administrator +1.914.271.4500 |
|----------------------------------------------------------------|
